Security Audit

polymarket

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

TRUSTED

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

polymarket received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Untrusted/Unpinned External Binary/Script Dependency.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

85%

Behavioral Risk Signals

Network Access

1 finding

Shell Execution

1 finding

Excessive Permissions

1 finding

Security Findings1

Severity	Finding	Layer	Location
HIGH	Untrusted/Unpinned External Binary/Script Dependency The skill explicitly instructs users to download and execute an external, unpinned binary ('openclaw-agent') from a specific GitHub user's release page and an unversioned script from 'glot.io'. This introduces a significant supply chain risk, as the content of these external resources can change without notice, potentially leading to the execution of malicious code on the user's system. The 'openclaw-agent' is described as critical for 'Polymarket trading operations', implying it may handle sensitive data or perform privileged actions. The use of a 'latest' release URL and an unversioned snippet from a third-party hosting service increases the risk of compromise. Replace direct links to unpinned external binaries and unversioned scripts with trusted, version-controlled, and ideally open-source dependencies. If 'openclaw-agent' is critical, it should be hosted in a well-maintained, audited repository with clear versioning. For macOS, the installation script should be part of the skill's own repository or a trusted, versioned source, and its contents should be reviewed for security. Users should be advised to verify the integrity of any downloaded executables.	LLM	SKILL.md:12

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/347f353b47398e2d.svg)](https://skillshield.io/report/347f353b47398e2d)